From 380f848f624e8ed63450670d73921cb48ece590b Mon Sep 17 00:00:00 2001
From: Rsl1122 <24460436+Rsl1122@users.noreply.github.com>
Date: Tue, 21 Jan 2020 16:33:29 +0200
Subject: [PATCH] Added 'Webserver.Security.Disable_authentication' setting. This is a feature flag to not have authentication even when https has been enabled. Affects issues: - Close #1264
---
 .../com/djrapitops/plan/delivery/webserver/WebServer.java | 6 ++++--
 .../plan/settings/config/paths/WebserverSettings.java | 1 +
 .../djrapitops/plan/settings/locale/lang/PluginLang.java | 2 ++
 Plan/common/src/main/resources/assets/plan/bungeeconfig.yml | 2 ++
 Plan/common/src/main/resources/assets/plan/config.yml | 2 ++
 5 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/WebServer.java b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/WebServer.java
index 6eda8a48e..e4bd28efc 100644
--- a/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/WebServer.java
+++ b/Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/WebServer.java
@@ -137,8 +137,10 @@ public class WebServer implements SubSystem {
 logger.log(L.INFO_COLOR, "§e" + locale.getString(PluginLang.WEB_SERVER_NOTIFY_HTTP_USER_AUTH));
 server = HttpServer.create(new InetSocketAddress(config.get(WebserverSettings.INTERNAL_IP), port), 10);
 } else if (server == null) {
- logger.log(L.INFO_COLOR, "§eWebServer: Proxy HTTPS Override enabled. HTTP Server in use, make sure that your Proxy webserver is routing with HTTPS and AlternativeIP.Link points to the Proxy");
+ logger.log(L.INFO_COLOR, "§e" + locale.getString(PluginLang.WEB_SERVER_NOTIFY_USING_PROXY_MODE));
 server = HttpServer.create(new InetSocketAddress(config.get(WebserverSettings.INTERNAL_IP), port), 10);
+ } else if (config.isTrue(WebserverSettings.DISABLED_AUTHENTICATION)) {
+ logger.info(locale.getString(PluginLang.WEB_SERVER_NOTIFY_HTTPS_USER_AUTH));
 }
 server.createContext("/", requestHandler);
@@ -295,7 +297,7 @@ public class WebServer implements SubSystem {
 }
 public boolean isAuthRequired() {
- return isUsingHTTPS();
+ return isUsingHTTPS() && config.isFalse(WebserverSettings.DISABLED_AUTHENTICATION);
 }
 public String getAccessAddress() {
diff --git a/Plan/common/src/main/java/com/djrapitops/plan/settings/config/paths/WebserverSettings.java b/Plan/common/src/main/java/com/djrapitops/plan/settings/config/paths/WebserverSettings.java
index 4a6761900..58b58b2c3 100644
--- a/Plan/common/src/main/java/com/djrapitops/plan/settings/config/paths/WebserverSettings.java
+++ b/Plan/common/src/main/java/com/djrapitops/plan/settings/config/paths/WebserverSettings.java
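Review bot: The disabled-authentication notice is the last arm of an `else if` chain that starts outside this hunk, so it is only reached when no earlier branch ran. In the proxy branch (`server == null`) nothing is logged even when `Disable_authentication` is true, although `isAuthRequired()` may still return false there, depending on what `isUsingHTTPS()` reports in proxy mode (not visible here). The notice is also written with plain `logger.info(...)`, while the HTTP notice next to it uses `L.INFO_COLOR` with the `§e` prefix, which makes the message about a login-free panel the least visible one. I would emit it after the chain with the highlighted style, e.g. `if (isUsingHTTPS() && config.isTrue(WebserverSettings.DISABLED_AUTHENTICATION)) logger.log(L.INFO_COLOR, "§e" + locale.getString(PluginLang.WEB_SERVER_NOTIFY_HTTPS_USER_AUTH));`.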
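Review bot: `isAuthRequired()` now relies on `config.isFalse(...)`, so whether login is enforced on an upgraded install depends on what `isFalse` returns when `Webserver.Security.Disable_authentication` is missing from an older config or is not a boolean; that behaviour is not visible in this patch. If it returns false in that case, authentication would be switched off without the admin opting in. Assuming `isTrue` is false for anything other than an explicit true, `return isUsingHTTPS() && !config.isTrue(WebserverSettings.DISABLED_AUTHENTICATION);` keeps login on by default and matches the `isTrue` check used for the log notice. A short Javadoc stating that a false result means pages are served without login would help callers that gate access on this method.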
@@ -38,6 +38,7 @@ public class WebserverSettings {
 public static final Setting CERTIFICATE_STOREPASS = new StringSetting("Webserver.Security.SSL_certificate.Store_pass");
 public static final Setting CERTIFICATE_ALIAS = new StringSetting("Webserver.Security.SSL_certificate.Alias");
 public static final Setting DISABLED = new BooleanSetting("Webserver.Disable_Webserver");
+ public static final Setting DISABLED_AUTHENTICATION = new BooleanSetting("Webserver.Security.Disable_authentication");
 public static final Setting EXTERNAL_LINK = new StringSetting("Webserver.External_Webserver_address");
 private WebserverSettings() {
diff --git a/Plan/common/src/main/java/com/djrapitops/plan/settings/locale/lang/PluginLang.java b/Plan/common/src/main/java/com/djrapitops/plan/settings/locale/lang/PluginLang.java
index 29a6cb603..ec21811da 100644
--- a/Plan/common/src/main/java/com/djrapitops/plan/settings/locale/lang/PluginLang.java
+++ b/Plan/common/src/main/java/com/djrapitops/plan/settings/locale/lang/PluginLang.java
@@ -42,7 +42,9 @@ public enum PluginLang implements Lang {
 WEB_SERVER_FAIL_STORE_LOAD("WebServer FAIL - Store Load", "WebServer: SSL Certificate loading Failed."),
 WEB_SERVER_NOTIFY_NO_CERT_FILE("WebServer - Notify no Cert file", "WebServer: Certificate KeyStore File not Found: ${0}"),
 WEB_SERVER_NOTIFY_HTTP("WebServer - Notify HTTP", "WebServer: No Certificate -> Using HTTP-server for Visualization."),
+ WEB_SERVER_NOTIFY_USING_PROXY_MODE("WebServer - Notify Using Proxy", "WebServer: Proxy-mode HTTPS enabled, make sure that your reverse-proxy is routing using HTTPS and Plan AlternativeIP.Link points to the Proxy"),
 WEB_SERVER_NOTIFY_HTTP_USER_AUTH("WebServer - Notify HTTP User Auth", "WebServer: User Authorization Disabled! (Not secure over HTTP)"),
+ WEB_SERVER_NOTIFY_HTTPS_USER_AUTH("WebServer - Notify HTTPS User Auth", "WebServer: User Authorization Disabled! (Disabled in config)"),
 DISABLED("Disable", "Player Analytics Disabled."),
 DISABLED_WEB_SERVER("Disable - WebServer", "Webserver has been disabled."),
diff --git a/Plan/common/src/main/resources/assets/plan/bungeeconfig.yml b/Plan/common/src/main/resources/assets/plan/bungeeconfig.yml
index 41aee9713..0227c823d 100644
--- a/Plan/common/src/main/resources/assets/plan/bungeeconfig.yml
+++ b/Plan/common/src/main/resources/assets/plan/bungeeconfig.yml
@@ -50,6 +50,8 @@ Webserver:
 Key_pass: default
 Store_pass: default
 Alias: alias
+ # HTTPS is required for Login.
+ Disable_authentication: false
 # Cross-Origin Resource Sharing (Requests from non-Plan web pages)
 # https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
 CORS:
diff --git a/Plan/common/src/main/resources/assets/plan/config.yml b/Plan/common/src/main/resources/assets/plan/config.yml
index 5cac14a49..1043b2bcf 100644
--- a/Plan/common/src/main/resources/assets/plan/config.yml
+++ b/Plan/common/src/main/resources/assets/plan/config.yml
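Review bot: The comment `# HTTPS is required for Login.` added above `Disable_authentication: false` in bungeeconfig.yml does not say what the option does; it states a precondition, not that `true` removes the login on an HTTPS web server. For a security-relevant switch I would spell out the effect and the intended use, for example `# Set to true to serve all pages without login even when HTTPS is in use.` followed by `# Only enable this if access is restricted by other means (reverse proxy auth, firewall).` The same comment is added in config.yml and needs the same wording.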
@@ -52,6 +52,8 @@ Webserver:
 Key_pass: default
 Store_pass: default
 Alias: alias
+ # HTTPS is required for Login.
+ Disable_authentication: false
 # Cross-Origin Resource Sharing (Requests from non-Plan web pages)
 # https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
 CORS: